Right here's yet one more troubling story about this "golden" period of AI. A hacker has exploited Anthropic's Claude chatbot to hold out assaults in opposition to Mexican authorities businesses, according to a report by Bloomberg. This resulted within the theft of 150GB of official authorities knowledge, together with taxpayer data, worker credentials and extra.
The hacker used Claude to seek out vulnerabilities in authorities networks and to put in writing scripts to use them. It additionally tasked the chatbot with discovering methods to automate knowledge theft, as indicated by cybersecurity firm Gambit Safety. This began in December and continued for round a month.
It appears just like the hacker was capable of basically jailbreak Claude with prompts, lastly bypassing the chatbot's guardrails. Claude initially refused the nefarious calls for till ultimately relenting.
Hackers Used Anthropic’s Claude to Steal 150 GB of Mexican Authorities Information
> Inform Claude you’re doing a bug bounty
> Claude initially refused:
> “That violates AI security pointers”
> Hacker simply stored asking
> Claude: “OK, I’ll assist”
> Hacked your complete Mexican… pic.twitter.com/Qaux239K8t— Nawaz Haider (@nawaz0x1) February 25, 2026
"In complete, it produced hundreds of detailed studies that included ready-to-execute plans, telling the human operator precisely which inside targets to assault subsequent and what credentials to make use of," stated Curtis Simpson, Gambit Safety’s chief technique officer.
Anthropic has investigated the claims, disrupted the exercise and banned the entire accounts concerned, in keeping with an organization consultant. The spokesperson additionally stated that its newest mannequin, Claude Opus 4.6, contains instruments to disrupt this type of misuse.
It's additionally been reported that this hacker used ChatGPT to complement the assaults, utilizing OpenAI's chatbot to assemble data on how you can transfer by laptop networks, decide which credentials have been wanted to entry techniques and how you can keep away from detection. OpenAI says it has recognized makes an attempt by the hacker to violate its utilization insurance policies and that the instruments refused to conform.
The hacker stays unidentified. The assaults haven't been attributed to a particular group, however Gambit Safety did counsel they may very well be tied to a overseas authorities. It's additionally unclear what the hacker desires to do with all of that knowledge.
Mexico's nationwide digital company hasn't commented on the breach, however did notice that cybersecurity is a precedence. The state authorities of Jalisco denies that it was breached, saying solely federal networks have been impacted. Nonetheless, Mexico's nationwide electoral institute additionally denied any breaches or unauthorized entry in current months. It's price noting that Gambit discovered not less than 20 safety vulnerabilities throughout its analysis that the nation is probably going not eager on highlighting.
Anthropic simply dropped the core dedication of its security coverage: the promise to not practice fashions it couldn't show have been secure first.
The brand new model commits to matching opponents on security and publishing extra transparency studies. However the precise constraint, "we cease if we are able to't… pic.twitter.com/k5Zi6dHUMN— Raphael Pfeiffer (@raphpfei) February 25, 2026
This isn't the primary time Claude has been used for a serious cyberattack. Final yr, hackers in China manipulated the instrument into trying to infiltrate dozens of worldwide targets, a number of of which have been profitable. Anthropic simply nixed its long-standing security pledge, which dedicated to by no means practice an AI system except it might assure upfront that security measures have been enough. So who is aware of what contemporary hell the longer term will carry as the corporate's instruments change into extra superior.
This text initially appeared on Engadget at https://www.engadget.com/ai/hacker-used-anthropics-claude-chatbot-to-attack-multiple-government-agencies-in-mexico-171237255.html?src=rss